Moodle PHP Documentation 4.5
Moodle 4.5dev (Build: 20240606) (d3ae1391abe)
|
Configurable oauth2 client class. More...
Public Member Functions | |
__construct (issuer $issuer, $returnurl, $scopesrequired, $system=false, $autorefresh=false) | |
Constructor. | |
build_post_data ($params) | |
Given an array of name value pairs - build a valid HTTP POST application/x-www-form-urlencoded string. | |
cleanopt () | |
Reset http method. | |
delete ($url, $param=array(), $options=array()) | |
HTTP DELETE method. | |
download ($requests, $options=array()) | |
Download multiple files in parallel. | |
download_one ($url, $params, $options=array()) | |
Downloads one file and writes it to the specified file handler. | |
get ($url, $params=array(), $options=array()) | |
HTTP GET method. | |
get_accesstoken () | |
Get access token object. | |
get_additional_login_parameters () | |
Override to append additional params to a authentication request. | |
get_clientid () | |
Get the client ID. | |
get_clientsecret () | |
Get the client secret. | |
get_errno () | |
Get curl error code. | |
get_info () | |
Get curl information. | |
get_issuer () | |
Get the oauth2 issuer for this client. | |
get_login_url () | |
Returns the login link for this oauth request. | |
get_raw_response () | |
Get raw HTTP Response Headers. | |
get_raw_userinfo () | |
Fetch the user info from the user info endpoint. | |
get_refresh_token () | |
Get a refresh token!!! | |
get_security () | |
Returns the current curl security helper. | |
get_userinfo () | |
Fetch the user info from the user info endpoint and map all the fields back into moodle fields. | |
getResponse () | |
Get HTTP Response Headers. | |
head ($url, $options=array()) | |
HTTP HEAD method. | |
is_logged_in () | |
Override which in addition to auth code upgrade, also attempts to exchange a refresh token for an access token. | |
log_out () | |
Override which, in addition to deleting access tokens, also deletes any stored refresh token. | |
options ($url, $options=array()) | |
HTTP OPTIONS method. | |
patch ($url, $params='', $options=array()) | |
HTTP PATCH method. | |
post ($url, $params='', $options=array()) | |
HTTP POST method. | |
put ($url, $params=array(), $options=array()) | |
HTTP PUT method. | |
resetcookie () | |
Reset Cookie. | |
resetHeader () | |
Resets the HTTP Request headers (to prepare for the new request) | |
resetopt () | |
Resets the CURL options that have already been set. | |
set_security ($securityobject) | |
Sets the curl security helper. | |
setHeader ($header) | |
Set HTTP Request Header. | |
setopt ($options=array()) | |
Set curl options. | |
trace ($url, $options=array()) | |
HTTP TRACE method. | |
upgrade_refresh_token (system_account $systemaccount) | |
Upgrade a refresh token from oauth 2.0 to an access token, for system clients only. | |
upgrade_token ($code) | |
Override which upgrades the authorization code to an access token and stores any refresh token in the DB. | |
Static Public Member Functions | |
static | callback_url () |
Callback url where the request is returned to. | |
static | get_cacert () |
Get the location of ca certificates. | |
static | mock_response ($response) |
For use only in unit tests - we can pre-set the next curl response. | |
static | strip_double_headers ($input) |
When using a proxy, an additional HTTP response code may appear at the start of the header. | |
Public Attributes | |
array | $_tmp_file_post_params = [] |
temporary params value if the value is not belongs to class stored_file. | |
curl_cache false | $cache = false |
Caches http request contents. | |
bool | $emulateredirects = null |
Perform redirects at PHP level instead of relying on native cURL functionality. | |
int | $errno |
error code | |
string | $error |
error | |
array | $header = array() |
http header | |
array | $info |
cURL information | |
bool | $proxy = null |
Uses proxy, null means automatic based on URL. | |
array | $rawresponse = array() |
Raw response headers, needed for BC in download_file_content(). | |
array | $response = array() |
http's response | |
string | $version = '0.4 dev' |
library version | |
Protected Member Functions | |
auth_url () | |
Returns the auth url for OAuth 2.0 request. | |
can_autorefresh () | |
Whether this client should automatically exchange a refresh token for an access token as part of login checks. | |
check_securityhelper_blocklist (string $url) | |
check_securityhelper_blocklist. | |
exchange_refresh_token (string $refreshtoken) | |
Attempt to exchange a refresh token for a new access token. | |
get_login_scopes () | |
Override to change the scopes requested with an authentiction request. | |
get_stored_token () | |
Retrieve a stored token from session (user accounts) or database (system accounts). | |
get_tokenname () | |
We want a unique key for each issuer / and a different key for system vs user oauth. | |
get_userinfo_mapping () | |
Get a list of the mapping user fields in an associative array. | |
map_userinfo_to_fields (stdClass $userinfo) | |
Maps the oauth2 response to userfields. | |
multi ($requests, $options=array()) | |
Multiple HTTP Requests This function could run multi-requests in parallel. | |
request ($url, $options=array()) | |
Single HTTP Request. | |
request ($url, $options=array(), $acceptheader='application/json') | |
Make a HTTP request, adding the access token we have. | |
reset_request_state_vars () | |
Helper function to reset the request state vars. | |
store_token ($token) | |
Store a token between requests. | |
store_user_refresh_token (stdClass $token) | |
Store the user's refresh token for later use. | |
token_url () | |
Returns the token url for OAuth 2.0 request. | |
use_http_get () | |
Should HTTP GET be used instead of POST? Some APIs do not support POST and want oauth to use GET instead (with the auth_token passed as a GET param). | |
Configurable oauth2 client class.
URLs come from DB and access tokens from either DB (system accounts) or session (users').
core\oauth2\client::__construct | ( | issuer | $issuer, |
$returnurl, | |||
$scopesrequired, | |||
$system = false, | |||
$autorefresh = false ) |
Constructor.
issuer | $issuer | |
moodle_url | null | $returnurl | |
string | $scopesrequired | |
boolean | $system | |
boolean | $autorefresh | whether refresh_token grants are used to allow continued access across sessions. |
|
protected |
Returns the auth url for OAuth 2.0 request.
string | the auth url |
Reimplemented from oauth2_client.
Reimplemented in repository_dropbox\dropbox.
|
inherited |
Given an array of name value pairs - build a valid HTTP POST application/x-www-form-urlencoded string.
array | $params | Name / value pairs. |
string | POST data. |
|
staticinherited |
Callback url where the request is returned to.
moodle_url | url of callback |
Reimplemented in core_badges\oauth2\client.
|
protected |
Whether this client should automatically exchange a refresh token for an access token as part of login checks.
bool | true if supported, false otherwise. |
|
protectedinherited |
check_securityhelper_blocklist.
Checks whether the given URL is blocked by checking both plugin's security helpers and core curl security helper or any curl security helper that passed to curl class constructor. If ignoresecurity is set to true, skip checking and consider the url is not blocked. This augments all installed plugin's security helpers if there is any.
string | $url | the url to check. |
?string | - an error message if URL is blocked or null if URL is not blocked. |
|
inherited |
HTTP DELETE method.
string | $url | |
array | $param | |
array | $options |
string |
|
inherited |
Download multiple files in parallel.
Calls multi() with specific download headers
$c = new curl(); $file1 = fopen('a', 'wb'); $file2 = fopen('b', 'wb'); $c->download(array( array('url'=>'http://localhost/', 'file'=>$file1), array('url'=>'http://localhost/20/', 'file'=>$file2) )); fclose($file1); fclose($file2);
or
$c = new curl(); $c->download(array( array('url'=>'http://localhost/', 'filepath'=>'/tmp/file1.tmp'), array('url'=>'http://localhost/20/', 'filepath'=>'/tmp/file2.tmp') ));
array | $requests | An array of files to request { url => url to download the file [required] file => file handler, or filepath => file path } If 'file' and 'filepath' parameters are both specified in one request, the open file handle in the 'file' parameter will take precedence and 'filepath' will be ignored. |
array | $options | An array of options to set |
array | An array of results |
|
inherited |
Downloads one file and writes it to the specified file handler.
$c = new curl(); $file = fopen('savepath', 'w'); $result = $c->download_one('http://localhost/', null, array('file' => $file, 'timeout' => 5, 'followlocation' => true, 'maxredirs' => 3)); fclose($file); $download_info = $c->get_info(); if ($result === true) { // file downloaded successfully } else { $error_text = $result; $error_code = $c->get_errno(); }
$c = new curl(); $result = $c->download_one('http://localhost/', null, array('filepath' => 'savepath', 'timeout' => 5, 'followlocation' => true, 'maxredirs' => 3)); // ... see above, no need to close handle and remove file if unsuccessful
string | $url | |
array | null | $params | key-value pairs to be added to $url as query string |
array | $options | request options. Must include either 'file' or 'filepath' |
bool|string | true on success or error string on failure |
|
protected |
Attempt to exchange a refresh token for a new access token.
If successful, will return an array of token objects in the form: Array ( [access_token] => stdClass object ( [token] => 'the_token_string' [expires] => 123456789 [scope] => 'openid files etc' ) [refresh_token] => stdClass object ( [token] => 'the_refresh_token_string' [scope] => 'openid files etc' ) ) where the 'refresh_token' will only be provided if supplied by the auth server in the response.
string | $refreshtoken | the refresh token to exchange. |
null|array | array containing access token and refresh token if provided, null if the exchange was denied. |
moodle_exception | if an invalid response is received or if the response contains errors. |
|
inherited |
HTTP GET method.
string | $url | |
?array | $params | |
array | $options |
string |
|
inherited |
Get access token object.
This is just a getter to read the private property.
stdClass |
core\oauth2\client::get_additional_login_parameters | ( | ) |
Override to append additional params to a authentication request.
array | (name value pairs). |
Reimplemented from oauth2_client.
|
staticinherited |
Get the location of ca certificates.
string | absolute file path or empty if default used |
|
inherited |
Get the client ID.
This is just a getter to read the private property.
string |
|
inherited |
Get the client secret.
This is just a getter to read the private property.
string |
|
inherited |
Get curl error code.
int |
|
inherited |
Get curl information.
array |
core\oauth2\client::get_issuer | ( | ) |
Get the oauth2 issuer for this client.
core\oauth2\issuer | Issuer |
|
protected |
Override to change the scopes requested with an authentiction request.
string |
Reimplemented in repository_dropbox\dropbox.
|
inherited |
Returns the login link for this oauth request.
moodle_url | login url |
Reimplemented in core_badges\oauth2\client.
|
inherited |
Get raw HTTP Response Headers.
array | of strings |
core\oauth2\client::get_raw_userinfo | ( | ) |
Fetch the user info from the user info endpoint.
stdClass|false | Moodle user fields for the logged in user (or false if request failed) |
moodle_exception | if the response is empty after decoding it. |
|
inherited |
Get a refresh token!!!
string |
|
inherited |
Returns the current curl security helper.
core\files\curl_security_helper | instance. |
|
protected |
Retrieve a stored token from session (user accounts) or database (system accounts).
stdClass|null | token object |
Reimplemented from oauth2_client.
Reimplemented in core_badges\oauth2\client.
|
protected |
We want a unique key for each issuer / and a different key for system vs user oauth.
string | The unique key for the session value. |
Reimplemented from oauth2_client.
core\oauth2\client::get_userinfo | ( | ) |
Fetch the user info from the user info endpoint and map all the fields back into moodle fields.
stdClass|false | Moodle user fields for the logged in user (or false if request failed) |
moodle_exception | if the response is empty after decoding it. |
Reimplemented in core\oauth2\client\linkedin.
|
protected |
Get a list of the mapping user fields in an associative array.
array |
|
inherited |
Get HTTP Response Headers.
array | of arrays |
|
inherited |
HTTP HEAD method.
string | $url | |
array | $options |
string |
core\oauth2\client::is_logged_in | ( | ) |
Override which in addition to auth code upgrade, also attempts to exchange a refresh token for an access token.
bool | true if the user is logged in as a result, false otherwise. |
Reimplemented from oauth2_client.
Reimplemented in core_badges\oauth2\client.
core\oauth2\client::log_out | ( | ) |
Override which, in addition to deleting access tokens, also deletes any stored refresh token.
Reimplemented from oauth2_client.
|
protected |
Maps the oauth2 response to userfields.
stdClass | $userinfo |
array |
|
staticinherited |
For use only in unit tests - we can pre-set the next curl response.
This is useful for unit testing APIs that call external systems.
string | $response |
|
protectedinherited |
Multiple HTTP Requests This function could run multi-requests in parallel.
array | $requests | An array of files to request |
array | $options | An array of options to set |
array | An array of results |
Reimplemented from curl.
|
inherited |
HTTP OPTIONS method.
string | $url | |
array | $options |
string |
|
inherited |
HTTP PATCH method.
string | $url | |
array | string | $params | |
array | $options |
string |
|
inherited |
HTTP POST method.
string | $url | |
array | string | $params | |
array | $options |
string |
|
inherited |
HTTP PUT method.
string | $url | |
array | $params | |
array | $options |
?string |
|
protectedinherited |
Single HTTP Request.
string | $url | The URL to request |
array | $options |
string |
|
protectedinherited |
Make a HTTP request, adding the access token we have.
string | $url | The URL to request |
array | $options | |
mixed | $acceptheader | mimetype (as string) or false to skip sending an accept header. |
string |
Reimplemented in google_oauth.
|
protectedinherited |
Helper function to reset the request state vars.
void. |
|
inherited |
Sets the curl security helper.
core\files\curl_security_helper | $securityobject | instance/subclass of the base curl_security_helper class. |
bool | true if the security helper could be set, false otherwise. |
|
inherited |
Set HTTP Request Header.
array | string | $header |
|
inherited |
Set curl options.
Do not use the curl constants to define the options, pass a string corresponding to that constant. Ie. to set CURLOPT_MAXREDIRS, pass array('CURLOPT_MAXREDIRS' => 10) or array('maxredirs' => 10) to this method.
array | $options | If array is null, this function will reset the options to default value. |
void |
coding_exception | If an option uses constant value instead of option name. |
|
protected |
Store a token between requests.
Uses session named by get_tokenname for user account tokens and a database record for system account tokens.
stdClass | null | $token | token object to store or null to clear |
Reimplemented from oauth2_client.
Reimplemented in core_badges\oauth2\client.
|
protected |
Store the user's refresh token for later use.
stdClass | $token | a refresh token. |
|
staticinherited |
When using a proxy, an additional HTTP response code may appear at the start of the header.
For example, when using https over a proxy there may be 'HTTP/1.0 200 Connection Established'. Other codes are also possible and some may come with their own headers.
If using the return value containing all headers, this function can be called to remove unwanted doubles.
Note that it is not possible to distinguish this situation from valid data unless you know the actual response part (below the headers) will not be included in this string, or else will not 'look like' HTTP headers. As a result it is not safe to call this function for general data.
string | $input | Input HTTP response |
string | HTTP response with additional headers stripped if any |
|
protected |
Returns the token url for OAuth 2.0 request.
We are overriding the parent function so we get this from the configured endpoint.
string | the auth url |
Reimplemented from oauth2_client.
Reimplemented in repository_dropbox\dropbox.
|
inherited |
HTTP TRACE method.
string | $url | |
array | $options |
string |
core\oauth2\client::upgrade_refresh_token | ( | system_account | $systemaccount | ) |
Upgrade a refresh token from oauth 2.0 to an access token, for system clients only.
core\oauth2\system_account | $systemaccount |
boolean | true if token is upgraded succesfully |
core\oauth2\client::upgrade_token | ( | $code | ) |
Override which upgrades the authorization code to an access token and stores any refresh token in the DB.
string | $code | the authorisation code |
bool | true if the token could be upgraded |
moodle_exception |
Reimplemented from oauth2_client.
|
protectedinherited |
Should HTTP GET be used instead of POST? Some APIs do not support POST and want oauth to use GET instead (with the auth_token passed as a GET param).
bool | true if GET should be used |
|
inherited |
Perform redirects at PHP level instead of relying on native cURL functionality.
Always true now.